[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 306
  • Last Modified:

weird ping issue

I have a very strange issue.  I have a win 2k sp4 server behind a firewall that cannot ping a certain public IP address.  Other servers and clients on the same network behind the same firewall can ping the address.  When I do a trace route to the public ip address on the affected server, I trace down to the gateway address and then time out.  On the other servers/clients on same network, I can trace route through to the next and final hop.  I can browse to a webserver on that public IP address on the affected machine.  Just the ping won’t work. I have deleted the route on the affetcted server using the route delete command to no avail.  I have no outbound restrictive policies and the host device doesn’t either. Can anyone help with this?
0
mingo3369
Asked:
mingo3369
2 Solutions
 
mattacukCommented:
What is the make and model of the Router/Firewall ?(your default gateway).  It is possible to explicitly deny ICMP (Pings) on a host by host basis using Cisco routers for example.
0
 
mingo3369Author Commented:
I thought of this but we have not made any router or firewall changes.  This just began happening all of a sudden.
0
 
mattacukCommented:
Interesting. This may sound odd, but you could try putting the server in question into another switchport as ive seen faulty switchports distort packet contents in the past. Also, could I pleased see the contents of IPconfig/all for the NIC on your server.''

thanks
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
mingo3369Author Commented:
Wouldn't fauluty switch port distort all ping tranmissions?  I can ping a whole range of other public Ip's from that server.
0
 
maharlikaCommented:
Can you ping other public ip addresses from this server? If so, is it possible that your particular server is being blocked on the other end; the public device possibly blocking it?
0
 
mattacukCommented:
you are correct, i missread the question.
0
 
mingo3369Author Commented:
No problem, I just appreciate the help, I am stumped.
0
 
mattacukCommented:
You say the trace on your server times-out at the default gateway? could i see your ipconfig/all possibly?
0
 
mattacukCommented:
I would suggest that as all of your other hosts on your internal subnet can ping this external public IP address you do not have a routing issue. Also, as you would typically have 1 IP address on the wan interface of your router/firewall and are using NAT (I assume you are) the public server has not blocked you (it is not possible to block a specific internal host behind a nat device on a public server). It may be that you have a problem  with TCP/IP on the server perhaps? You could try re-installing TCP/IP on the server. If you can access a webpage via http  I would suggest DNS is working ok.
0
 
Craig_200XCommented:
I would try another switchport. I have seen low end routers and hubs do this.
0
 
mattacukCommented:
Craig,  agreed. Ive seen low end switches pass only icmp, but not IP, TCP, or UDP! crazy huh?:-)
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now